Quote from: dgwebb

Wouldn't it just be a case of listing the possible IP addresses for PN/F9 etc. then hitting Search?  F9 generally starts 212.159 then checking who is connected to the IP?  Unless there is a huge range of IP's that PN own in which case, lots of searching?

Edit: Thanks Barry for rising to the challenge too. I'll know who to look to next time

Quote

Dear {full_name}, This email contains important information about your Internet service from PlusNet. It has recently come to our attention through information available in the media that one of the machines on your network may have recently become infected by a virus or malware/spyware. This particular infection is part of an Internet bot known as 'Kraken'. Below you will find information about this threat and also some suggestions on how you can ensure the machines on your network are kept secure from such vulnerabilities. Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. Some times though, they are used for malicious purposes by spammers and Internet criminals:- http://en.wikipedia.org/wiki/Internet_bot#Malicious_purposes You can find more information about the 'Kraken' bot in the following news article published by the popular IT news outfit 'The Register':- http://www.theregister.co.uk/2008/04/07/kraken_botnet_menace/ Also from The Register (and the reason for our email), is the news article that can be seen here:- http://www.theregister.co.uk/2008/04/29/kraken_botnet_infiltrated/ This latest article references a report from security provider TippingPoint, who managed recently to monitor a week of activity from the 'Kraken' bot and map it back to the individual Internet addresses of machines that had become infected. The report and the list of IP addresses it included can be seen at the following URLs:- http://dvlabs.tippingpoint.com/blog/2008/04/28/kraken-botnet-infiltration http://dvlabs.tippingpoint.com/pub/pamini/kraken_uniq_ips.txt Upon being made aware of this list we decided to check it for any IP addresses that originated from our network. Unfortunately, we found the Internet address that is associated with your account. This makes it highly probable that one of the machines on your network has become infected by the threat mentioned in the articles above. Whilst virus and malware infections are only too common nowadays, we thought that we would proactively notify you of this so that you can take the necessary measures to disinfect any machines that you own that may have become compromised. As a starting point, you should run a full, up to date virus and spyware scan of all of the machines that use your connection. You can find an free online virus scan at the following address: http://housecall.trendmicro.com/ There are also a number of free anti-spyware and ant-virus applications that can be readily downloaded from the Internet and used to scan your computers. AVG Free - an anti-virus application, can be downloaded here: http://free.grisoft.com/doc/download-free-anti-virus/us/frt/0 Lavasoft Adaware - an anti-spyware application, can be downloaded here: http://www.download.com/Ad-Aware-2007-Free/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=to... You may also want to consider the use of a software or server-side Firewall, especially if you use a USB modem to connect to the Internet:- http://www.plus.net/support/security/firewalls/index.shtml Further help and advice regarding Internet Security is available here: http://usertools.plus.net/tutorials/id/4 We hope you appreciate notification of our findings, however if you do have any questions then please don't hesitate to visit our discussion forums, or raise a support ticket using the Help Assistant available on our website:- http://community.plus.net/forum/index.php https://portal.plus.net/wizard/?helpheader=helpassistant Kind Regards, Bob Pullen PlusNet Customer Support http://www.plus.net This email has been sent as it contains important information about your service from PlusNet. Please do not reply to this email, as this is an unmonitored address. PlusNet PLC Registered Office: Internet House, 2 Tenter Street, Sheffield, S1 4BY Registered in England no: 3279013

Quote from: dgwebb

With this in mind (along with the myriad of trojan/virus/spyware etc..) what are the chances of a PN email to everyone with a gentle reminder on keeping their system clean with links to top class free software?